Computer Forensics: Re: Analysing a Windows registry from Linux or another Windows system

Ethical Hacking Training at InfoSec Institute

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Computer Forensics Computer-Forensics

[Top] [All Lists]

Re: Analysing a Windows registry from Linux or another Windows system

from [Ben Koren] Network Security

[Permanent Link]

Subject:	Re: Analysing a Windows registry from Linux or another Windows system
Date:	Mon, 17 Apr 2006 15:51:20 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You're going to have to snip out the parts of the source that you need,
but this should get you started. Written in C.

http://home.eunet.no/~pnordahl/ntpasswd/

Rikard Johnels wrote:

Hello!
I have been set to analyse two windows registry files from a compromised 
Win98 
system. All i am given is the user.dat and system.dat files from the 
recovered disk.

How can i read these files and recover data from them?
Especially we need the ISP settings (Modem. It has no network card) to be 
able 
to verify where this specific computer was connecting to.

Any tips or pointers?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x9256C360

iD8DBQFEQ//IHYbPX5JWw2ARAjRkAKCOiwxSNactTePeNWXUsiJsR1dsBwCcDs1X
rauVDghFMUwNLork/39G8mQ=
=4ROa
-----END PGP SIGNATURE-----

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Analysing a Windows registry from Linux or another Windows system, Rikard Johnels Re: Analysing a Windows registry from Linux or another Windows system, Ben Koren <= Re: Analysing a Windows registry from Linux or another Windows system, Ansgar -59cobalt- Wiechers RE: Analysing a Windows registry from Linux or another Windows system, Bobby Smathers RE: Analysing a Windows registry from Linux or another Windows system, Greg Kelley Re: Analysing a Windows registry from Linux or another Windows system, nickpuetz RE: Analysing a Windows registry from Linux or another Windows system, Mike FW: Analysing a Windows registry from Linux or another Windows system, Scott Gossard

Previous by Date:	RE: Analysing a Windows registry from Linux or another Windows system, Bobby Smathers
Next by Date:	Re: Analysing a Windows registry from Linux or another Windows system, Ansgar -59cobalt- Wiechers
Previous by Thread:	Analysing a Windows registry from Linux or another Windows system, Rikard Johnels
Next by Thread:	Re: Analysing a Windows registry from Linux or another Windows system, Ansgar -59cobalt- Wiechers
Indexes:	[Date] [Thread] [Top] [All Lists]